From af12c39d6de5bbcd24915db3c4cc9404f102ac02 Mon Sep 17 00:00:00 2001
From: Robert Ransom <rransom.8774@gmail.com>
Date: Sun, 23 Oct 2011 14:27:56 -0700
Subject: Don't use any OR connection which sent us a CREATE_FAST cell for an
 EXTEND

Fix suggested by Nick Mathewson.
---
 changes/issue-2011-10-19L | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'changes')

diff --git a/changes/issue-2011-10-19L b/changes/issue-2011-10-19L
index 972823eeea..1fefd7267e 100644
--- a/changes/issue-2011-10-19L
+++ b/changes/issue-2011-10-19L
@@ -10,3 +10,12 @@
       upgrade.  Fixes CVE-2011-2768.  Bugfix on FIXME; found by
       frosty_un.
 
+    - Don't use any OR connection on which we have received a
+      CREATE_FAST cell to satisfy an EXTEND request.  Previously, we
+      would not consider whether a connection appears to be from a
+      client or bridge when deciding whether to use that connection to
+      satisfy an EXTEND request.  Mitigates CVE-2011-2768, by
+      preventing an attacker from determining whether an unpatched
+      client is connected to a patched relay.  Bugfix on FIXME; found
+      by frosty_un.
+
-- 
cgit v1.2.3-54-g00ecf